About this blog

About Deloitte Insights

Deloitte’s Insights for C-suite executives and board members provide information and resources to help address the challenges of managing risk for both value creation and protection, as well as increasing compliance requirements.

Search Deloitte Insights

Related Deloitte Insights

Historically, insider threat mitigation has been predominately viewed as a cybersecurity challenge that is strictly an IT responsibility. But by taking a broader view, companies can help assure the business, protect employees and safeguard critical data, systems and facilities. Learn what to consider when designing, building and implementing a formal insider threat mitigation program.

As the frequency and severity of bank fraud continue to increase, many financial services organizations are developing new approaches for protecting their customers and operations. Learn about tactics and technologies financial institutions are using to respond to the increase in credit and debit card fraud, including continuous monitoring of transactions and “chip and PIN” technologies.

As mobile and online banking channels proliferate, traditional anti-fraud strategies and technologies embraced by the financial services sector may no longer be sufficient to detect and prevent consumer fraud. A promising operational framework for fighting fraud features anti-fraud teams, IT talent and regulatory compliance groups working in nontraditional ways and using advanced analytics, flexible data environments and other resources.

Deloitte Views & Analysis

Under Mexico’s energy reform program, which ends 75 years of state monopoly in the local electricity and oil and gas sectors, the Mexican government will enter into arrangements with private investors to exploit unexplored, underused, unconventional reserves and increase competition in the electricity sector to lower local prices. Deloitte’s “Oil & Gas Spotlight” provides insight into select aspects of energy reform in Mexico, including potential accounting implications of the reform under Mexico Financial Reporting Standards and U.S. GAAP.

In support of longer-term performance, tackling challenges within five discrete areas should rank high on insurers' strategic agendas: business transformation, longevity risks, information fluency, compliance process transformation and capital management. Converting these challenges into opportunities for growth and performance enhancement, such as emphasizing products and services that are more flexible, customizable and consumer-driven, could determine which companies are most effectively positioned to lead the industry.

Pressure to create value in the life sciences industry is driving M&A, divestitures and restructurings at unprecedented levels. Life sciences companies can leverage deal-making opportunities to increase company valuations and capitalize on synergies that allow their organizations to scale rapidly. Factors impacting life sciences M&A activity include patent expirations, pricing pressures, growth of foreign and emerging markets and rising cross-border activity.

Four Steps to Improve Bank Fraud Monitoring with Analytics

Although banks have used continuous monitoring capabilities for years, both for protection of customers and regulatory compliance, they may not be keeping pace with rapidly changing regulatory requirements. Legislation such as the Dodd-Frank Wall Street Reform and Consumer Protection Act (Dodd-Frank) provides new antifraud authority to regulators and creates potentially huge financial incentives to whistleblowers. In some cases, Dodd-Frank even lowers the standard for holding persons legally accountable for certain actions¹, making it easier to bring charges against them.

One way to stay ahead of tightening regulatory scrutiny is to enhance continuous monitoring by combining it with advanced data analytics, thereby creating a preemptive compliance tool. With such a tool banks can improve their ability to detect potential wrongdoing more efficiently than in the past, and take remedial action before whistleblowers and regulators spring into action. “With banks facing heightened regulatory and public scrutiny, using advanced analytics to help identify potential wrongdoing sooner may be a strategic and operational imperative,” says Toby Bishop, director of the Deloitte Forensic Center for Deloitte Financial Advisory Services LLP. “Without analytics, the process of uncovering fraudulent manipulations may not be as accurate and can take more time and effort given the large volume of data generated by most banks,” he adds.

A Risk-based Approach

To detect and identify potential fraud before the launch of a formal regulatory investigation banks should consider applying a risk-based approach to continuous monitoring. “Banks should leverage the results of risk assessments to target their analytics efforts and fine-tune their monitoring systems for continuous improvement and more efficient oversight,” says Dan Krittman, a principal with Deloitte Financial Advisory Services LLP and the national leader of its Data Analytics practice. “These steps can enhance fraud deterrence, and show regulators an enterprise-wide commitment to enforcing an effective anti-fraud strategy,” Mr. Krittman adds.

Banks also should consider using a risk-based approach for conducting fraud monitoring tests, factoring in the nature of violations, such as fraudulent reporting, anti-corruption violations or insider trading. Since specific risks will vary by bank, assessments can help identify tests and analytics techniques that can help improve the effectiveness of continuous monitoring systems. Banks should explicitly define the techniques they use in their fraud mitigation plans and outline the main business functions at risk. This approach can help better allocate resources to high-risk departments and focus continuous monitoring on specific areas for analytic testing.

Improving the ability to distinguish between valid alerts and false alarms is another area where banks should focus their monitoring efforts. Traditional transaction monitoring processes become less effective when they return false-positives—transactions that are flagged as suspicious but that turn out to be in compliance. Following up on and investigating such false alarms can be time consuming and costly.² “By performing periodic reviews of test results and incorporating feedback into the monitoring process, systems can learn to detect true anomalies more efficiently, with lower levels of false alarms,” says Mike McCabe, a director in the Analytics practice of Deloitte Financial Advisory Services LLP.

In addition to transaction-based monitoring, banks should consider incorporating into their systems unstructured data such as e-mails, counterparty contracts and other text-based documents. In that way, they can build a central platform that combines structured and unstructured datasets to improve risk-scoring. “Banks then can use link analysis to identify relationships between different datasets,” notes Mr. McCabe. Link analysis is one of the more common visual analytic techniques used to demonstrate complex networks and identify hidden relationships, especially among a variety of entities. For example, consider a payment ranked with a low risk score by a transaction-based monitoring system. If a related e-mail references this payment as part of an apparent fraud scheme, the transaction’s risk score would need to be raised, he explains.

Four Steps to Incorporating Analytics into Continuous Monitoring Programs

Continuous monitoring programs differ depending on the specific challenges each bank faces. However, there are four general steps bank management can take, and related questions to consider, when introducing advanced analytics into existing continuous monitoring programs.

1. Review the company’s fraud risk assessment resultsfrom an analytics perspective and identify targeted tests that can be implemented to address high-risk areas. Consider the following questions during the evaluation:

Do existing tests address specific risks identified during the assessment?

What new analytic tests can be applied to gain insights into transactions of interest and what existing tests can be eliminated?

Can tests be modified to pinpoint anomalies specific to high-risk areas?

Does the bank have the ability to expand or adjust testing based on anomalies identified?

2. Evaluate the accuracy and effectiveness of monitoring systems and perform periodic reviews. To help isolate issues, consider the following questions:

Are many false positives generated? If so, why?

Are potential violations being missed, and if so, what is allowing them to be missed?

Do you use statistical analysis to fine-tune alerts and incorporate the feedback from forensic examinations on a regular basis? Doing so can help create an evolving process that “learns,” is capable of handling exceptions and adapts to a changing environment.

3. Benchmark analytics procedures used in current monitoring systems against the latest advanced analytics techniques and technology available on the market. When comparing analytics, consider the following questions and ideas:

What gaps exist using the available solutions?

What techniques can be leveraged to predict fraud occurrence?

Consider using predictive modeling, data visualization and text analytics to help increase accuracy and speed while reducing costs.

4. Assess to what extent company data is integrated across originating sources and departments. During the assessment, think about the following:

Consider combining structured and unstructured data to help obtain a more holistic view of bank operations.